The Register - Security

The Clorox Company admits cyberattack causing 'widescale disruption'

Back to 'manual' order processing for $7B household cleaning biz, financial impact will be 'material'

The Clorox Company, makers of bleach and other household cleaning products, doesn't expect operations to return to normal until near month end as it combs over "widescale disruption to operations" caused by cyber baddies.…

The Hacker News

Operation Rusty Flag: Azerbaijan Targeted in New Rust-Based Malware Campaign

Targets located in Azerbaijan have been singled out as part of a new campaign that's designed to deploy Rust-based malware on compromised systems. Cybersecurity firm Deep Instinct is tracking the operation under the name Operation Rusty Flag. It has not been associated with any known threat actor or group. "The operation has at least two different initial access vectors," security researchers

/r/netsec - Information Security News & Discussion

#ShortAndMalicious — DarkGate

submitted by /u/OwnPreparation3424
[link] [comments]

The Hacker News

Inside the Code of a New XWorm Variant

XWorm is a relatively new representative of the remote access trojan cohort that has already earned its spot among the most persistent threats across the globe.  Since 2022, when it was first observed by researchers, it has undergone a number of major updates that have significantly enhanced its functionality and solidified its staying power.  The analyst team at ANY.RUN came across the newest

The Hacker News

Earth Lusca's New SprySOCKS Linux Backdoor Targets Government Entities

The China-linked threat actor known as Earth Lusca has been observed targeting government entities using a never-before-seen Linux backdoor called SprySOCKS. Earth Lusca was first documented by Trend Micro in January 2022, detailing the adversary's attacks against public and private sector entities across Asia, Australia, Europe, North America. Active since 2021, the group has relied on

The Hacker News

Live Webinar: Overcoming Generative AI Data Leakage Risks

As the adoption of generative AI tools, like ChatGPT, continues to surge, so does the risk of data exposure. According to Gartner’s "Emerging Tech: Top 4 Security Risks of GenAI" report, privacy and data security is one of the four major emerging risks within generative AI. A new webinar featuring a multi-time Fortune 100 CISO and the CEO of LayerX, a browser extension solution, delves into this

The Hacker News

Microsoft AI Researchers Accidentally Expose 38 Terabytes of Confidential Data

Microsoft on Monday said it took steps to correct a glaring security gaffe that led to the exposure of 38 terabytes of private data. The leak was discovered on the company's AI GitHub repository and is said to have been inadvertently made public when publishing a bucket of open-source training data, Wiz said. It also included a disk backup of two former employees' workstations containing secrets

The Hacker News

Nearly 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability

New research has found that close to 12,000 internet-exposed Juniper firewall devices are vulnerable to a recently disclosed remote code execution flaw. VulnCheck, which discovered a new exploit for CVE-2023-36845, said it could be exploited by an "unauthenticated and remote attacker to execute arbitrary code on Juniper firewalls without creating a file on the system." CVE-2023-36845 refers to a

/r/netsec - Information Security News & Discussion

DEF CON 31 Main Stage Talks

submitted by /u/albinowax
[link] [comments]

The Hacker News

Transparent Tribe Uses Fake YouTube Android Apps to Spread CapraRAT Malware

The suspected Pakistan-linked threat actor known as Transparent Tribe is using malicious Android apps mimicking YouTube to distribute the CapraRAT mobile remote access trojan (RAT), demonstrating the continued evolution of the activity. "CapraRAT is a highly invasive tool that gives the attacker control over much of the data on the Android devices that it infects," SentinelOne security

/r/netsec - Information Security News & Discussion

Wind River VxWorks tarExtract directory traversal vulnerability (CVE-2023-38346)

submitted by /u/fr0r
[link] [comments]

The Register - Security

Australia to build six 'cyber shields' to defend its shores

Local corporate regulator warns boards that cyber is totally a directorial duty

Australia will build "six cyber shields around our nation" declared home affairs minister Clare O'Neill yesterday, as part of a national cyber security strategy.…

WeLiveSecurity

10 tips to ace your cybersecurity job interview

Once you’ve made it past the initial screening process and secured that all-important interview, it’s time to seal the deal. These 10 tips will put you on the right track.

WeLiveSecurity

Ballistic Bobcat's Sponsor backdoor – Week in security with Tony Anscombe

Ballistic Bobcat is a suspected Iran-aligned cyberespionage group that targets organizations in various industry verticals, as well as human rights activists and journalists, mainly in Israel, the Middle East, and the United States

WeLiveSecurity

Read it right! How to spot scams on Reddit

Do you know what types of scams and other fakery you should look out for when using a platform that once billed itself as “the front page of the Internet”?

WeLiveSecurity

ESET Research Podcast: Sextortion, digital usury and SQL brute-force

Closing intrusion vectors force cybercriminals to revisit old attack avenues, but also to look for new ways to attack their victims

WeLiveSecurity

Sponsor with batch-filed whiskers: Ballistic Bobcat’s scan and strike backdoor

ESET Research uncovers the Sponsoring Access campaign, which utilizes an undocumented Ballistic Bobcat backdoor we have named Sponsor

WeLiveSecurity

Will you give X your biometric data? – Week in security with Tony Anscombe

The update to X's privacy policy has sparked some questions among privacy and security folks, including how long X will retain users' biometric information and how the data will be stored and secured

WeLiveSecurity

Staying ahead of threats: 5 cybercrime trends to watch

New reports from Europol and the UK’s National Crime Agency (NCA) shed a light on how the battle against cybercrime is being fought

WeLiveSecurity

Getting off the hook: 10 steps to take after clicking on a phishing link

Phishing emails are a weapon of choice for criminals intent on stealing people’s personal data and planting malware on their devices. The healing process does not end with antivirus scanning.

WeLiveSecurity

Fake Signal and Telegram apps – Week in security with Tony Anscombe

ESET research uncovers active campaigns targeting Android users and spreading espionage code through the Google Play store, Samsung Galaxy Store and dedicated websites

WeLiveSecurity

What you need to know about iCloud Private Relay

If you want to try to enter the world of VPNs with a small dip, then iCloud Private Relay is your friend — but is it a true VPN service? The devil is in the details.

WeLiveSecurity

BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps

ESET researchers have discovered active campaigns linked to the China-aligned APT group known as GREF, distributing espionage code that has previously targeted Uyghurs

WeLiveSecurity

Recovering from a supply-chain attack: What are the lessons to learn from the 3CX hack?

The campaign started with a trojanized version of unsupported financial software

WeLiveSecurity

How a Telegram bot helps scammers target victims – Week in security with Tony Anscombe

ESET researchers uncover a Telegram bot that enables even less tech-savvy scammers to defraud people out of their money

WeLiveSecurity

Telekopye: Hunting Mammoths using Telegram bot

Analysis of Telegram bot that helps cybercriminals scam people on online marketplaces

WeLiveSecurity

Scarabs colon-izing vulnerable servers

Analysis of Spacecolon, a toolset used to deploy Scarab ransomware on vulnerable servers, and its operators, CosmicBeetle

WeLiveSecurity

A Bard’s Tale – how fake AI bots try to install malware

The AI race is on! It’s easy to lose track of the latest developments and possibilities, and yet everyone wants to see firsthand what the hype is about. Heydays for cybercriminals!

WeLiveSecurity

Evacuation of 30,000 hackers – Week in security with Tony Anscombe

DEF CON, the annual hacker convention in Las Vegas, was interrupted on Saturday evening when authorities evacuated the event's venue due to a bomb threat

WeLiveSecurity

DEF CON 31: US DoD urges hackers to go and hack ‘AI’

The limits of current AI need to be tested before we can rely on their output

WeLiveSecurity

Mass-spreading campaign targeting Zimbra users

ESET researchers have observed a new phishing campaign targeting users of the Zimbra Collaboration email server.

WeLiveSecurity

DEF CON 31: Robot vacuums may be doing more than they claim

When it comes to privacy, it remains complicated and near impossible for a consumer to make an informed decision.

WeLiveSecurity

Black Hat 2023: Hacking the police (at least their radios)

Hiding behind a black box and hoping no one will hack it has been routinely proven to be unwise and less secure.

WeLiveSecurity

Black Hat 2023: How AI changes the monetization of search

Search engines, AI, and monetization in the new era

WeLiveSecurity

Black Hat 2023: AI gets big defender prize money

Black Hat is big on AI this year, and for a good reason

WeLiveSecurity

Black Hat 2023: ‘Teenage’ AI not enough for cyberthreat intelligence

Current LLMs are just not mature enough for high-level tasks

WeLiveSecurity

20k security folks in the desert – Week in security with Tony Anscombe

Unsurprisingly, artificial intelligence took the center stage at this year's edition of Black Hat, one of the world's largest gatherings of cybersecurity professionals

WeLiveSecurity

Black Hat 2023: Cyberwar fire-and-forget-me-not

What happens to cyberweapons after a cyberwar?

WeLiveSecurity

ESET Research Podcast: Unmasking MoustachedBouncer

Listen as ESET's Director of Threat Research Jean-Ian Boutin unravels the tactics, techniques and procedures of MoustachedBouncer, an APT group taking aim at foreign embassies in Belarus

WeLiveSecurity

MoustachedBouncer: Espionage against foreign diplomats in Belarus

Long-term espionage against diplomats, leveraging email-based C&C protocols, C++ modular backdoors, and adversary-in-the-middle (AitM) attacks… Sounds like the infamous Turla? Think again!

WeLiveSecurity

Time is money, and online game scammers have lots of it

Gamers and cybersecurity professionals have something in common – the ever-terrible presence of hacking, scams, and data theft – but how and why would anyone want to target gamers?

WeLiveSecurity

Check cybersecurity pre-invest – Week in security with Tony Anscombe

When you invest in a company, do you check its cybersecurity? The U.S. Securities and Exchange Commission has adopted new cybersecurity rules.

WeLiveSecurity

Fingerprints all over: Can browser fingerprinting increase website security?

Browser fingerprinting is supposedly a more privacy-conscious tracking method, replacing personal information with more general data. But is it a valid promise?

WeLiveSecurity

The grand theft of Jake Moore’s voice: The concept of a virtual kidnap

With powerful AI, it doesn’t take much to fake a person virtually, and while there are some limitations, voice-cloning can have some dangerous consequences.

WeLiveSecurity

Quantum computing: Will it break crypto security within a few years?

Current cryptographic security methods watch out - quantum computing is coming for your lunch.

WeLiveSecurity

Is backdoor access oppressive? – Week in security with Tony Anscombe

Bills granting access to end-to-end encrypted systems, opportunity for cybercriminals, abuse by authority, human rights, and tech companies leaving the UK?

WeLiveSecurity

Gathering dust and data: How robotic vacuums can spy on you

Mitigate the risk of data leaks with a careful review of the product and the proper settings.

WeLiveSecurity

Dear all, What are some common subject lines in phishing emails?

Scammers exploit current ongoing events, account notifications, corporate communication, and a sense of urgency.

WeLiveSecurity

What happens if AI is wrong? – Week in security with Tony Anscombe

Responses generated by ChatGPT about individual people could be misleading or harmful or spill their personal information. What are the takeaways for you as a ChatGPT user?

WeLiveSecurity

8 common work-from-home scams to avoid

That ‘employer’ you’re speaking to may in reality be after your personal information, your money or your help with their illegal activities

WeLiveSecurity

Child identity theft: how do I keep my kids’ personal data safe?

Why is kids’ personal information in high demand, how do criminals steal it, and what can parents do to help prevent child identity theft?

WeLiveSecurity

Protect yourself from ticketing scams ahead of the Premier League Summer Series USA Tour

There is a significant secondary marketplace where tickets can sell for several times their original value, opening the opportunity for scammers and fraud

WeLiveSecurity

Key findings from ESET Threat Report H1 2023 – Week in security with Tony Anscombe

Here's how cybercriminals have adjusted their tactics in response to Microsoft's stricter security policies, plus other interesting findings from ESET's new Threat Report

WeLiveSecurity

The danger within: 5 steps you can take to combat insider threats

Some threats may be closer than you think. Are security risks that originate from your own trusted employees on your radar?

WeLiveSecurity

ESET Research Podcast: Finding the mythical BlackLotus bootkit

Here's a story of how an analysis of a supposed game cheat turned into the discovery of a powerful UEFI threat

WeLiveSecurity

ESET Threat Report H1 2023

A view of the H1 2023 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

WeLiveSecurity

Emotet: sold or on vacation? – Week in security with Tony Anscombe

Originally a banking trojan, Emotet later evolved into a full-blown botnet and went on to become one of the most dangerous cyberthreats worldwide

WeLiveSecurity

What’s up with Emotet?

A brief summary of what happened with Emotet since its comeback in November 2021

WeLiveSecurity

Deepfaking it: What to know about deepfake-driven sextortion schemes

Criminals increasingly create deepfake nudes from people’s benign public photos in order to extort money from them, the FBI warns

WeLiveSecurity

Verizon 2023 DBIR: What’s new this year and top takeaways for SMBs

Here are some of the key insights on the evolving data breach landscape as revealed by Verizon’s analysis of more than 16,000 incidents